viya4-monitoring-kubernetes
viya4-monitoring-kubernetes copied to clipboard
Published
20 hours ago •
sassoftware
sassoftware
Alertendpoint
sh-checker report
To get the full details, please check in the job output.
shellcheck errors
'shellcheck -e SC1004' returned error 1 finding the following syntactical issues:
----------
In monitoring/bin/deploy_monitoring_cluster.sh line 6:
cd "$(dirname $BASH_SOURCE)/../.."
^----------^ SC2128 (warning): Expanding an array without an index only gives the first element.
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
cd "$(dirname "$BASH_SOURCE")/../.."
In monitoring/bin/deploy_monitoring_cluster.sh line 7:
source monitoring/bin/common.sh
^----------------------^ SC1091 (info): Not following: monitoring/bin/common.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 8:
source bin/service-url-include.sh
^------------------------^ SC1091 (info): Not following: bin/service-url-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 18:
source bin/tls-include.sh
^----------------^ SC1091 (info): Not following: bin/tls-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 19:
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if verify_cert_generator "$MON_NS" prometheus alertmanager grafana; then
In monitoring/bin/deploy_monitoring_cluster.sh line 20:
log_debug "cert generator check OK [$cert_generator_ok]"
^----------------^ SC2154 (warning): cert_generator_ok is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 22:
log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
^-------------^ SC2154 (warning): cert_generator is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 26:
helm2ReleaseCheck v4m-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck v4m-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 27:
helm2ReleaseCheck prometheus-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck prometheus-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 43:
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if [ -z "$(kubectl get ns "$MON_NS" -o name 2>/dev/null)" ]; then
In monitoring/bin/deploy_monitoring_cluster.sh line 44:
kubectl create ns $MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create ns "$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 47:
disable_sa_token_automount $MON_NS default
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" default
In monitoring/bin/deploy_monitoring_cluster.sh line 52:
generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
^------------^ SC2154 (warning): imageKeysFile is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 100:
if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if kubectl get crd "$crd".monitoring.coreos.com 1>/dev/null 2>&1; then
In monitoring/bin/deploy_monitoring_cluster.sh line 101:
kubectl replace -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl replace -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 103:
kubectl create -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 111:
kubectl delete daemonset -n $MON_NS -l app=prometheus-node-exporter --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete daemonset -n "$MON_NS" -l app=prometheus-node-exporter --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 129:
create_tls_certs $MON_NS monitoring ${apps[@]}
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^--------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.
Did you mean:
create_tls_certs "$MON_NS" monitoring ${apps[@]}
In monitoring/bin/deploy_monitoring_cluster.sh line 139:
kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" --ignore-not-found grafana-datasource-prom-https
In monitoring/bin/deploy_monitoring_cluster.sh line 140:
kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
In monitoring/bin/deploy_monitoring_cluster.sh line 141:
kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 145:
kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" node-exporter-tls-web-config --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 147:
kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 148:
kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 160:
if helm3ReleaseExists prometheus-operator $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists prometheus-operator "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 169:
if helm3ReleaseExists $promRelease $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists $promRelease "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 183:
kubectl delete -n $MON_NS --ignore-not-found \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete -n "$MON_NS" --ignore-not-found \
In monitoring/bin/deploy_monitoring_cluster.sh line 202:
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$KUBE_PROM_STACK_CHART_REPO" "$KUBE_PROM_STACK_CHART_NAME" "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 203:
versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 206:
helm $helmDebug upgrade --install $promRelease \
^--------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm "$helmDebug" upgrade --install $promRelease \
In monitoring/bin/deploy_monitoring_cluster.sh line 207:
--namespace $MON_NS \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
--namespace "$MON_NS" \
In monitoring/bin/deploy_monitoring_cluster.sh line 208:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 210:
-f $istioValuesFile \
^--------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$istioValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 211:
-f $tlsValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tlsValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 212:
-f $tlsPromAlertingEndpointFile \
^--------------------------^ SC2154 (warning): tlsPromAlertingEndpointFile is referenced but not assigned.
^--------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tlsPromAlertingEndpointFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 213:
-f $nodePortValuesFile \
^-----------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$nodePortValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 214:
-f $wnpValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$wnpValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 215:
-f $PROM_OPER_USER_YAML \
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$PROM_OPER_USER_YAML" \
In monitoring/bin/deploy_monitoring_cluster.sh line 216:
-f $tempoDSFile \
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tempoDSFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 227:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 228:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 233:
disable_sa_token_automount $MON_NS v4m-grafana
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-grafana
In monitoring/bin/deploy_monitoring_cluster.sh line 234:
disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" sas-ops-acct #Used w/Prometheus
In monitoring/bin/deploy_monitoring_cluster.sh line 235:
disable_sa_token_automount $MON_NS v4m-node-exporter
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-node-exporter
In monitoring/bin/deploy_monitoring_cluster.sh line 236:
disable_sa_token_automount $MON_NS v4m-alertmanager
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-alertmanager
In monitoring/bin/deploy_monitoring_cluster.sh line 239:
disable_sa_token_automount $MON_NS v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 240:
enable_pod_token_automount $MON_NS deployment v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 241:
disable_sa_token_automount $MON_NS v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 242:
enable_pod_token_automount $MON_NS deployment v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 259:
chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$TEMPO_CHART_REPO" "$TEMPO_CHART_NAME" "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 260:
versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 266:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 269:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 270:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 275:
kubectl get ns $NGINX_NS 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl get ns "$NGINX_NS" 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 276:
if [ $? == 0 ]; then
^-- SC2181 (style): Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
In monitoring/bin/deploy_monitoring_cluster.sh line 283:
kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$NGINX_NS" -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 287:
kubectl apply -n $MON_NS -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 290:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 293:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 294:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 299:
kubectl apply -n $MON_NS -f $f
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-- SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f "$f"
In monitoring/bin/deploy_monitoring_cluster.sh line 328:
gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
gf_url=$(get_service_url "$MON_NS" v4m-grafana "$TLS_ENABLE")
In monitoring/bin/deploy_monitoring_cluster.sh line 334:
if helm3ReleaseExists v4m $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists v4m "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 346:
if [ ! -z "$gf_url" ]; then
^-- SC2236 (style): Use -n instead of ! -z.
For more information:
https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...
https://www.shellcheck.net/wiki/SC2128 -- Expanding an array without an ind...
https://www.shellcheck.net/wiki/SC2154 -- cert_generator is referenced but ...
----------
You can address the above issues in one of three ways:
1. Manually correct the issue in the offending shell script;
2. Disable specific issues by adding the comment:
# shellcheck disable=NNNN
above the line that contains the issue, where NNNN is the error code;
3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file.
shfmt errors
'shfmt -s' returned error 1 finding the following formatting issues:
----------
--- monitoring/bin/deploy_monitoring_cluster.sh.orig
+++ monitoring/bin/deploy_monitoring_cluster.sh
@@ -8,19 +8,19 @@
source bin/service-url-include.sh
if [ "$OPENSHIFT_CLUSTER" == "true" ]; then
- if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
- log_error "This script should not be run on OpenShift clusters"
- log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
- exit 1
- fi
+ if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
+ log_error "This script should not be run on OpenShift clusters"
+ log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
+ exit 1
+ fi
fi
source bin/tls-include.sh
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
- log_debug "cert generator check OK [$cert_generator_ok]"
+ log_debug "cert generator check OK [$cert_generator_ok]"
else
- log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
- exit 1
+ log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
+ exit 1
fi
helm2ReleaseCheck v4m-$MON_NS
@@ -32,33 +32,32 @@
PROM_OPER_USER_YAML="${PROM_OPER_USER_YAML:-$USER_DIR/monitoring/user-values-prom-operator.yaml}"
if [ ! -f "$PROM_OPER_USER_YAML" ]; then
- log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
+ log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
fi
if [ "$HELM_DEBUG" == "true" ]; then
- helmDebug="--debug"
+ helmDebug="--debug"
fi
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
- kubectl create ns $MON_NS
+ kubectl create ns $MON_NS
- #Container Security: Disable serviceAccount Token Automounting
- disable_sa_token_automount $MON_NS default
+ #Container Security: Disable serviceAccount Token Automounting
+ disable_sa_token_automount $MON_NS default
fi
#Generate yaml file with all container-related keys
-generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
-generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
-generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
-generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
-generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
-generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
-generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
-generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
-generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
+generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
+generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
+generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
+generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
+generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
+generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
+generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
+generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
+generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
-
set -e
log_notice "Deploying monitoring to the [$MON_NS] namespace..."
@@ -68,43 +67,43 @@
istioValuesFile=$TMP_DIR/empty.yaml
# Istio - Federate data from Istio's Prometheus instance
if [ "$ISTIO_ENABLED" == "true" ]; then
- log_verbose "Including Istio metric federation"
- istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
+ log_verbose "Including Istio metric federation"
+ istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
else
- log_debug "ISTIO_ENABLED flag not set"
- log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
+ log_debug "ISTIO_ENABLED flag not set"
+ log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
fi
# Check if Prometheus Operator CRDs are already installed
PROM_OPERATOR_CRD_UPDATE=${PROM_OPERATOR_CRD_UPDATE:-true}
if [ "$PROM_OPERATOR_CRD_UPDATE" == "true" ]; then
- log_verbose "Updating Prometheus Operator custom resource definitions"
- crds=( alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes )
- for crd in "${crds[@]}"; do
-
- ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
- if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
- crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
+ log_verbose "Updating Prometheus Operator custom resource definitions"
+ crds=(alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes)
+ for crd in "${crds[@]}"; do
- ## Fail if the CRDs could not be located.
- if [ ! -f "$crdURL" ]; then
- log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
- log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
- log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
- exit 1
- fi
- else
- crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
- fi
+ ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
+ if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
+ crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
- if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
- kubectl replace -f $crdURL
- else
- kubectl create -f $crdURL
- fi
- done
+ ## Fail if the CRDs could not be located.
+ if [ ! -f "$crdURL" ]; then
+ log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
+ log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
+ log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
+ exit 1
+ fi
+ else
+ crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
+ fi
+
+ if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
+ kubectl replace -f $crdURL
+ else
+ kubectl create -f $crdURL
+ fi
+ done
else
- log_debug "Prometheus Operator CRD update disabled"
+ log_debug "Prometheus Operator CRD update disabled"
fi
# Remove existing DaemonSets in case of an upgrade-in-place
@@ -113,11 +112,11 @@
# Optional workload node placement support
MON_NODE_PLACEMENT_ENABLE=${MON_NODE_PLACEMENT_ENABLE:-${NODE_PLACEMENT_ENABLE:-false}}
if [ "$MON_NODE_PLACEMENT_ENABLE" == "true" ]; then
- log_verbose "Enabling monitoring components for workload node placement"
- wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
+ log_verbose "Enabling monitoring components for workload node placement"
+ wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
else
- log_debug "Workload node placement support is disabled"
- wnpValuesFile="$TMP_DIR/empty.yaml"
+ log_debug "Workload node placement support is disabled"
+ wnpValuesFile="$TMP_DIR/empty.yaml"
fi
# Optional TLS Support
@@ -125,113 +124,113 @@
serviceMonitorEndpointScheme="http"
if [ "$TLS_ENABLE" == "true" ]; then
- apps=( prometheus alertmanager grafana )
- create_tls_certs $MON_NS monitoring ${apps[@]}
+ apps=(prometheus alertmanager grafana)
+ create_tls_certs $MON_NS monitoring ${apps[@]}
- tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
- log_debug "Including TLS response file $tlsValuesFile"
+ tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
+ log_debug "Including TLS response file $tlsValuesFile"
- log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
- grafanaDS=grafana-datasource-prom-https.yaml
- if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
- grafanaDS=grafana-datasource-prom-https-path.yaml
- fi
- kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
- kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
- kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
+ log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
+ grafanaDS=grafana-datasource-prom-https.yaml
+ if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
+ grafanaDS=grafana-datasource-prom-https-path.yaml
+ fi
+ kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
+ kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
+ kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
- # node-exporter TLS
- log_verbose "Enabling Prometheus node-exporter for TLS"
- kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
- sleep 1
- kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
- kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
+ # node-exporter TLS
+ log_verbose "Enabling Prometheus node-exporter for TLS"
+ kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
+ sleep 1
+ kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
+ kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
- serviceMonitorEndpointScheme="https"
+ serviceMonitorEndpointScheme="https"
fi
nodePortValuesFile=$TMP_DIR/empty.yaml
PROM_NODEPORT_ENABLE=${PROM_NODEPORT_ENABLE:-false}
if [ "$PROM_NODEPORT_ENABLE" == "true" ]; then
- log_debug "Enabling NodePort access for Prometheus and Alertmanager"
- nodePortValuesFile=monitoring/values-prom-nodeport.yaml
+ log_debug "Enabling NodePort access for Prometheus and Alertmanager"
+ nodePortValuesFile=monitoring/values-prom-nodeport.yaml
fi
if helm3ReleaseExists prometheus-operator $MON_NS; then
- promRelease=prometheus-operator
- promName=prometheus-operator
+ promRelease=prometheus-operator
+ promName=prometheus-operator
else
- promRelease=v4m-prometheus-operator
- promName=v4m
+ promRelease=v4m-prometheus-operator
+ promName=v4m
fi
log_verbose "User response file: [$PROM_OPER_USER_YAML]"
log_info "Deploying the kube-prometheus stack. This may take a few minutes ..."
if helm3ReleaseExists $promRelease $MON_NS; then
- log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
+ log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
else
- grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
- if [ "$grafanaPwd" == "" ]; then
- log_debug "Generating random Grafana admin password"
- showPass="true"
- grafanaPwd="$(randomPassword)"
- fi
- log_verbose "Installing via Helm ($(date) - timeout 20m)"
+ grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
+ if [ "$grafanaPwd" == "" ]; then
+ log_debug "Generating random Grafana admin password"
+ showPass="true"
+ grafanaPwd="$(randomPassword)"
+ fi
+ log_verbose "Installing via Helm ($(date) - timeout 20m)"
fi
# See https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-21x-to-22x
-if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ "$V4M_CURRENT_VERSION_MINOR" =~ [0-5] ]]; then
- kubectl delete -n $MON_NS --ignore-not-found \
- deployments.apps \
- -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
+if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ $V4M_CURRENT_VERSION_MINOR =~ [0-5] ]]; then
+ kubectl delete -n $MON_NS --ignore-not-found \
+ deployments.apps \
+ -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
fi
TRACING_ENABLE="${TRACING_ENABLE:-false}"
if [ "$TRACING_ENABLE" == "false" ]; then
- tempoDSFile=$TMP_DIR/empty.yaml
+ tempoDSFile=$TMP_DIR/empty.yaml
else
- TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
- if [ ! -f "$TEMPO_USER_YAML" ]; then
- log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- TEMPO_USER_YAML=$TMP_DIR/empty.yaml
- fi
- tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
-fi
+ TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
+ if [ ! -f "$TEMPO_USER_YAML" ]; then
+ log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ TEMPO_USER_YAML=$TMP_DIR/empty.yaml
+ fi
+ tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
+fi
# Get Helm Chart Name
log_debug "Kube-Prometheus Stack Helm Chart: repo [$KUBE_PROM_STACK_CHART_REPO] name [$KUBE_PROM_STACK_CHART_NAME] version [$KUBE_PROM_STACK_CHART_VERSION]"
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
-versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
+versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
log_debug "Installing Helm chart from artifact [$chart2install]"
helm $helmDebug upgrade --install $promRelease \
- --namespace $MON_NS \
- -f $imageKeysFile \
- -f monitoring/values-prom-operator.yaml \
- -f $istioValuesFile \
- -f $tlsValuesFile \
- -f $tlsPromAlertingEndpointFile \
- -f $nodePortValuesFile \
- -f $wnpValuesFile \
- -f $PROM_OPER_USER_YAML \
- -f $tempoDSFile \
- --atomic \
- --timeout 20m \
- --set nameOverride=$promName \
- --set fullnameOverride=$promName \
- --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
- --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
- --set grafana.fullnameOverride=$promName-grafana \
- --set grafana.adminPassword="$grafanaPwd" \
- --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
- --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
- $versionstring \
- $chart2install
+ --namespace $MON_NS \
+ -f $imageKeysFile \
+ -f monitoring/values-prom-operator.yaml \
+ -f $istioValuesFile \
+ -f $tlsValuesFile \
+ -f $tlsPromAlertingEndpointFile \
+ -f $nodePortValuesFile \
+ -f $wnpValuesFile \
+ -f $PROM_OPER_USER_YAML \
+ -f $tempoDSFile \
+ --atomic \
+ --timeout 20m \
+ --set nameOverride=$promName \
+ --set fullnameOverride=$promName \
+ --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
+ --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
+ --set grafana.fullnameOverride=$promName-grafana \
+ --set grafana.adminPassword="$grafanaPwd" \
+ --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
+ --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
+ $versionstring \
+ $chart2install
sleep 2
#Container Security: Disable serviceAccount Token Automounting
disable_sa_token_automount $MON_NS v4m-grafana
-disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
+disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
disable_sa_token_automount $MON_NS v4m-node-exporter
disable_sa_token_automount $MON_NS v4m-alertmanager
@@ -245,42 +244,42 @@
log_verbose "Deploying cluster ServiceMonitors"
if [ "$TRACING_ENABLE" == "true" ]; then
- log_info "Tracing enabled..."
+ log_info "Tracing enabled..."
- #Generate yaml file with all container-related keys
- generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
+ #Generate yaml file with all container-related keys
+ generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
- # Add the grafana helm chart repo
- helmRepoAdd grafana https://grafana.github.io/helm-charts
- helm repo update
+ # Add the grafana helm chart repo
+ helmRepoAdd grafana https://grafana.github.io/helm-charts
+ helm repo update
- # Get Helm Chart Name
- log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
- chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
- versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
- log_debug "Installing Helm chart from artifact [$chart2install]"
+ # Get Helm Chart Name
+ log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
+ chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
+ versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
+ log_debug "Installing Helm chart from artifact [$chart2install]"
- log_info "Installing tempo"
- helm upgrade --install v4m-tempo \
- -n "$MON_NS" \
- -f $imageKeysFile \
- -f monitoring/values-tempo.yaml \
- -f "$TEMPO_USER_YAML" \
- $versionstring \
- $chart2install
+ log_info "Installing tempo"
+ helm upgrade --install v4m-tempo \
+ -n "$MON_NS" \
+ -f $imageKeysFile \
+ -f monitoring/values-tempo.yaml \
+ -f "$TEMPO_USER_YAML" \
+ $versionstring \
+ $chart2install
fi
# NGINX
set +e
kubectl get ns $NGINX_NS 2>/dev/null
if [ $? == 0 ]; then
- nginxFound=true
+ nginxFound=true
fi
set -e
if [ "$nginxFound" == "true" ]; then
- log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
- kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
+ log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
+ kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
fi
# Eventrouter ServiceMonitor
@@ -296,25 +295,25 @@
# Rules
log_verbose "Adding Prometheus recording rules"
for f in monitoring/rules/viya/rules-*.yaml; do
- kubectl apply -n $MON_NS -f $f
+ kubectl apply -n $MON_NS -f $f
done
# Elasticsearch Datasource for Grafana
LOGGING_DATASOURCE="${LOGGING_DATASOURCE:-false}"
if [ "$LOGGING_DATASOURCE" == "true" ]; then
- set +e
- log_debug "Creating the logging data source using the create_logging_datasource script"
- monitoring/bin/create_logging_datasource.sh
+ set +e
+ log_debug "Creating the logging data source using the create_logging_datasource script"
+ monitoring/bin/create_logging_datasource.sh
- if (( $? == 1 )); then
- log_warn "Unable to configure the logging data source at this time."
- log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
- log_warn "monitoring/bin/create_logging_datasource.sh"
- fi
- set -e
+ if (($? == 1)); then
+ log_warn "Unable to configure the logging data source at this time."
+ log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
+ log_warn "monitoring/bin/create_logging_datasource.sh"
+ fi
+ set -e
else
- log_debug "LOGGING_DATASOURCE not set"
- log_debug "Skipping creation of logging data source for Grafana"
+ log_debug "LOGGING_DATASOURCE not set"
+ log_debug "Skipping creation of logging data source for Grafana"
fi
echo ""
@@ -325,32 +324,32 @@
get_ingress_ports
# get URLs for Grafana, Prometheus and AlertManager
-gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
+gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
# pr_url=$(get_url $MON_NS v4m-prometheus "$TLS_ENABLE")
# am_url=$(get_url $MON_NS v4m-alertmanager "$TLS_ENABLE")
set -e
# If a deployment with the old name exists, remove it first
if helm3ReleaseExists v4m $MON_NS; then
- log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
- helm uninstall -n "$MON_NS" "v4m"
+ log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
+ helm uninstall -n "$MON_NS" "v4m"
fi
if ! deployV4MInfo "$MON_NS" "v4m-metrics"; then
- log_warn "Unable to update SAS Viya Monitoring Helm chart release"
+ log_warn "Unable to update SAS Viya Monitoring Helm chart release"
fi
# Print URL to access web apps
log_notice ""
log_notice "GRAFANA: "
if [ ! -z "$gf_url" ]; then
- log_notice " $gf_url"
+ log_notice " $gf_url"
else
- log_notice " It was not possible to determine the URL needed to access Grafana. Note "
- log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
- log_notice " ingress or network access configuration that this script does not handle."
+ log_notice " It was not possible to determine the URL needed to access Grafana. Note "
+ log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
+ log_notice " ingress or network access configuration that this script does not handle."
fi
- log_notice ""
+log_notice ""
#log_notice ""
#log_notice "================================================================================"
@@ -373,14 +372,12 @@
#log_notice ""
if [ "$showPass" == "true" ]; then
- # Find the grafana pod
-
- log_notice " Generated Grafana admin password is: $grafanaPwd"
- log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
- log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
+ # Find the grafana pod
+
+ log_notice " Generated Grafana admin password is: $grafanaPwd"
+ log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
+ log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
fi
log_message ""
log_notice " Successfully deployed components to the [$MON_NS] namespace"
-
-
----------
You can reformat the above files to meet shfmt's requirements by typing:
shfmt -s -w filename
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
sh-checker report
To get the full details, please check in the job output.
shellcheck errors
'shellcheck -e SC1004' returned error 1 finding the following syntactical issues:
----------
In monitoring/bin/deploy_monitoring_cluster.sh line 6:
cd "$(dirname $BASH_SOURCE)/../.."
^----------^ SC2128 (warning): Expanding an array without an index only gives the first element.
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
cd "$(dirname "$BASH_SOURCE")/../.."
In monitoring/bin/deploy_monitoring_cluster.sh line 7:
source monitoring/bin/common.sh
^----------------------^ SC1091 (info): Not following: monitoring/bin/common.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 8:
source bin/service-url-include.sh
^------------------------^ SC1091 (info): Not following: bin/service-url-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 18:
source bin/tls-include.sh
^----------------^ SC1091 (info): Not following: bin/tls-include.sh was not specified as input (see shellcheck -x).
In monitoring/bin/deploy_monitoring_cluster.sh line 19:
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if verify_cert_generator "$MON_NS" prometheus alertmanager grafana; then
In monitoring/bin/deploy_monitoring_cluster.sh line 20:
log_debug "cert generator check OK [$cert_generator_ok]"
^----------------^ SC2154 (warning): cert_generator_ok is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 22:
log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
^-------------^ SC2154 (warning): cert_generator is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 26:
helm2ReleaseCheck v4m-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck v4m-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 27:
helm2ReleaseCheck prometheus-$MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm2ReleaseCheck prometheus-"$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 43:
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if [ -z "$(kubectl get ns "$MON_NS" -o name 2>/dev/null)" ]; then
In monitoring/bin/deploy_monitoring_cluster.sh line 44:
kubectl create ns $MON_NS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create ns "$MON_NS"
In monitoring/bin/deploy_monitoring_cluster.sh line 47:
disable_sa_token_automount $MON_NS default
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" default
In monitoring/bin/deploy_monitoring_cluster.sh line 52:
generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
^------------^ SC2154 (warning): imageKeysFile is referenced but not assigned.
In monitoring/bin/deploy_monitoring_cluster.sh line 100:
if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if kubectl get crd "$crd".monitoring.coreos.com 1>/dev/null 2>&1; then
In monitoring/bin/deploy_monitoring_cluster.sh line 101:
kubectl replace -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl replace -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 103:
kubectl create -f $crdURL
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create -f "$crdURL"
In monitoring/bin/deploy_monitoring_cluster.sh line 111:
kubectl delete daemonset -n $MON_NS -l app=prometheus-node-exporter --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete daemonset -n "$MON_NS" -l app=prometheus-node-exporter --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 129:
create_tls_certs $MON_NS monitoring ${apps[@]}
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^--------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.
Did you mean:
create_tls_certs "$MON_NS" monitoring ${apps[@]}
In monitoring/bin/deploy_monitoring_cluster.sh line 139:
kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" --ignore-not-found grafana-datasource-prom-https
In monitoring/bin/deploy_monitoring_cluster.sh line 140:
kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
In monitoring/bin/deploy_monitoring_cluster.sh line 141:
kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 145:
kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete cm -n "$MON_NS" node-exporter-tls-web-config --ignore-not-found
In monitoring/bin/deploy_monitoring_cluster.sh line 147:
kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl create cm -n "$MON_NS" node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 148:
kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl label cm -n "$MON_NS" node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
In monitoring/bin/deploy_monitoring_cluster.sh line 160:
if helm3ReleaseExists prometheus-operator $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists prometheus-operator "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 169:
if helm3ReleaseExists $promRelease $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists $promRelease "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 183:
kubectl delete -n $MON_NS --ignore-not-found \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl delete -n "$MON_NS" --ignore-not-found \
In monitoring/bin/deploy_monitoring_cluster.sh line 202:
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$KUBE_PROM_STACK_CHART_REPO" "$KUBE_PROM_STACK_CHART_NAME" "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 203:
versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$KUBE_PROM_STACK_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 206:
helm $helmDebug upgrade --install $promRelease \
^--------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
helm "$helmDebug" upgrade --install $promRelease \
In monitoring/bin/deploy_monitoring_cluster.sh line 207:
--namespace $MON_NS \
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
--namespace "$MON_NS" \
In monitoring/bin/deploy_monitoring_cluster.sh line 208:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 210:
-f $istioValuesFile \
^--------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$istioValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 211:
-f $tlsValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tlsValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 212:
-f $nodePortValuesFile \
^-----------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$nodePortValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 213:
-f $wnpValuesFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$wnpValuesFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 214:
-f $PROM_OPER_USER_YAML \
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$PROM_OPER_USER_YAML" \
In monitoring/bin/deploy_monitoring_cluster.sh line 215:
-f $tempoDSFile \
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$tempoDSFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 226:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 227:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 232:
disable_sa_token_automount $MON_NS v4m-grafana
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-grafana
In monitoring/bin/deploy_monitoring_cluster.sh line 233:
disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" sas-ops-acct #Used w/Prometheus
In monitoring/bin/deploy_monitoring_cluster.sh line 234:
disable_sa_token_automount $MON_NS v4m-node-exporter
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-node-exporter
In monitoring/bin/deploy_monitoring_cluster.sh line 235:
disable_sa_token_automount $MON_NS v4m-alertmanager
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-alertmanager
In monitoring/bin/deploy_monitoring_cluster.sh line 238:
disable_sa_token_automount $MON_NS v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 239:
enable_pod_token_automount $MON_NS deployment v4m-kube-state-metrics
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-kube-state-metrics
In monitoring/bin/deploy_monitoring_cluster.sh line 240:
disable_sa_token_automount $MON_NS v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
disable_sa_token_automount "$MON_NS" v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 241:
enable_pod_token_automount $MON_NS deployment v4m-operator
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
enable_pod_token_automount "$MON_NS" deployment v4m-operator
In monitoring/bin/deploy_monitoring_cluster.sh line 258:
chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
chart2install="$(get_helmchart_reference "$TEMPO_CHART_REPO" "$TEMPO_CHART_NAME" "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 259:
versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
versionstring="$(get_helm_versionstring "$TEMPO_CHART_VERSION")"
In monitoring/bin/deploy_monitoring_cluster.sh line 265:
-f $imageKeysFile \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-f "$imageKeysFile" \
In monitoring/bin/deploy_monitoring_cluster.sh line 268:
$versionstring \
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$versionstring" \
In monitoring/bin/deploy_monitoring_cluster.sh line 269:
$chart2install
^------------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
"$chart2install"
In monitoring/bin/deploy_monitoring_cluster.sh line 274:
kubectl get ns $NGINX_NS 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl get ns "$NGINX_NS" 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 275:
if [ $? == 0 ]; then
^-- SC2181 (style): Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
In monitoring/bin/deploy_monitoring_cluster.sh line 282:
kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
^-------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$NGINX_NS" -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 286:
kubectl apply -n $MON_NS -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null
In monitoring/bin/deploy_monitoring_cluster.sh line 289:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 292:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 293:
kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml
In monitoring/bin/deploy_monitoring_cluster.sh line 298:
kubectl apply -n $MON_NS -f $f
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
^-- SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
kubectl apply -n "$MON_NS" -f "$f"
In monitoring/bin/deploy_monitoring_cluster.sh line 327:
gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
gf_url=$(get_service_url "$MON_NS" v4m-grafana "$TLS_ENABLE")
In monitoring/bin/deploy_monitoring_cluster.sh line 333:
if helm3ReleaseExists v4m $MON_NS; then
^-----^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
if helm3ReleaseExists v4m "$MON_NS"; then
In monitoring/bin/deploy_monitoring_cluster.sh line 345:
if [ ! -z "$gf_url" ]; then
^-- SC2236 (style): Use -n instead of ! -z.
For more information:
https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ...
https://www.shellcheck.net/wiki/SC2128 -- Expanding an array without an ind...
https://www.shellcheck.net/wiki/SC2154 -- cert_generator is referenced but ...
----------
You can address the above issues in one of three ways:
1. Manually correct the issue in the offending shell script;
2. Disable specific issues by adding the comment:
# shellcheck disable=NNNN
above the line that contains the issue, where NNNN is the error code;
3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file.
shfmt errors
'shfmt -s' returned error 1 finding the following formatting issues:
----------
--- monitoring/bin/deploy_monitoring_cluster.sh.orig
+++ monitoring/bin/deploy_monitoring_cluster.sh
@@ -8,19 +8,19 @@
source bin/service-url-include.sh
if [ "$OPENSHIFT_CLUSTER" == "true" ]; then
- if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
- log_error "This script should not be run on OpenShift clusters"
- log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
- exit 1
- fi
+ if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then
+ log_error "This script should not be run on OpenShift clusters"
+ log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead"
+ exit 1
+ fi
fi
source bin/tls-include.sh
if verify_cert_generator $MON_NS prometheus alertmanager grafana; then
- log_debug "cert generator check OK [$cert_generator_ok]"
+ log_debug "cert generator check OK [$cert_generator_ok]"
else
- log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
- exit 1
+ log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs"
+ exit 1
fi
helm2ReleaseCheck v4m-$MON_NS
@@ -32,33 +32,32 @@
PROM_OPER_USER_YAML="${PROM_OPER_USER_YAML:-$USER_DIR/monitoring/user-values-prom-operator.yaml}"
if [ ! -f "$PROM_OPER_USER_YAML" ]; then
- log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
+ log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml
fi
if [ "$HELM_DEBUG" == "true" ]; then
- helmDebug="--debug"
+ helmDebug="--debug"
fi
if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then
- kubectl create ns $MON_NS
+ kubectl create ns $MON_NS
- #Container Security: Disable serviceAccount Token Automounting
- disable_sa_token_automount $MON_NS default
+ #Container Security: Disable serviceAccount Token Automounting
+ disable_sa_token_automount $MON_NS default
fi
#Generate yaml file with all container-related keys
-generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
-generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
-generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
-generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
-generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
-generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
-generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
-generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
-generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
+generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template"
+generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_"
+generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_"
+generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_"
+generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_"
+generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_"
+generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_"
+generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_"
+generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_"
-
set -e
log_notice "Deploying monitoring to the [$MON_NS] namespace..."
@@ -68,43 +67,43 @@
istioValuesFile=$TMP_DIR/empty.yaml
# Istio - Federate data from Istio's Prometheus instance
if [ "$ISTIO_ENABLED" == "true" ]; then
- log_verbose "Including Istio metric federation"
- istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
+ log_verbose "Including Istio metric federation"
+ istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml
else
- log_debug "ISTIO_ENABLED flag not set"
- log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
+ log_debug "ISTIO_ENABLED flag not set"
+ log_debug "Skipping deployment of federated scrape of Istio Prometheus instance"
fi
# Check if Prometheus Operator CRDs are already installed
PROM_OPERATOR_CRD_UPDATE=${PROM_OPERATOR_CRD_UPDATE:-true}
if [ "$PROM_OPERATOR_CRD_UPDATE" == "true" ]; then
- log_verbose "Updating Prometheus Operator custom resource definitions"
- crds=( alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes )
- for crd in "${crds[@]}"; do
-
- ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
- if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
- crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
+ log_verbose "Updating Prometheus Operator custom resource definitions"
+ crds=(alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes)
+ for crd in "${crds[@]}"; do
- ## Fail if the CRDs could not be located.
- if [ ! -f "$crdURL" ]; then
- log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
- log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
- log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
- exit 1
- fi
- else
- crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
- fi
+ ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR.
+ if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then
+ crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml
- if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
- kubectl replace -f $crdURL
- else
- kubectl create -f $crdURL
- fi
- done
+ ## Fail if the CRDs could not be located.
+ if [ ! -f "$crdURL" ]; then
+ log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in"
+ log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory"
+ log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment"
+ exit 1
+ fi
+ else
+ crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml"
+ fi
+
+ if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then
+ kubectl replace -f $crdURL
+ else
+ kubectl create -f $crdURL
+ fi
+ done
else
- log_debug "Prometheus Operator CRD update disabled"
+ log_debug "Prometheus Operator CRD update disabled"
fi
# Remove existing DaemonSets in case of an upgrade-in-place
@@ -113,11 +112,11 @@
# Optional workload node placement support
MON_NODE_PLACEMENT_ENABLE=${MON_NODE_PLACEMENT_ENABLE:-${NODE_PLACEMENT_ENABLE:-false}}
if [ "$MON_NODE_PLACEMENT_ENABLE" == "true" ]; then
- log_verbose "Enabling monitoring components for workload node placement"
- wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
+ log_verbose "Enabling monitoring components for workload node placement"
+ wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml"
else
- log_debug "Workload node placement support is disabled"
- wnpValuesFile="$TMP_DIR/empty.yaml"
+ log_debug "Workload node placement support is disabled"
+ wnpValuesFile="$TMP_DIR/empty.yaml"
fi
# Optional TLS Support
@@ -125,112 +124,112 @@
serviceMonitorEndpointScheme="http"
if [ "$TLS_ENABLE" == "true" ]; then
- apps=( prometheus alertmanager grafana )
- create_tls_certs $MON_NS monitoring ${apps[@]}
+ apps=(prometheus alertmanager grafana)
+ create_tls_certs $MON_NS monitoring ${apps[@]}
- tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
- log_debug "Including TLS response file $tlsValuesFile"
+ tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml
+ log_debug "Including TLS response file $tlsValuesFile"
- log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
- grafanaDS=grafana-datasource-prom-https.yaml
- if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
- grafanaDS=grafana-datasource-prom-https-path.yaml
- fi
- kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
- kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
- kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
+ log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana"
+ grafanaDS=grafana-datasource-prom-https.yaml
+ if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then
+ grafanaDS=grafana-datasource-prom-https-path.yaml
+ fi
+ kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https
+ kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS
+ kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring
- # node-exporter TLS
- log_verbose "Enabling Prometheus node-exporter for TLS"
- kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
- sleep 1
- kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
- kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
+ # node-exporter TLS
+ log_verbose "Enabling Prometheus node-exporter for TLS"
+ kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found
+ sleep 1
+ kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml
+ kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring
- serviceMonitorEndpointScheme="https"
+ serviceMonitorEndpointScheme="https"
fi
nodePortValuesFile=$TMP_DIR/empty.yaml
PROM_NODEPORT_ENABLE=${PROM_NODEPORT_ENABLE:-false}
if [ "$PROM_NODEPORT_ENABLE" == "true" ]; then
- log_debug "Enabling NodePort access for Prometheus and Alertmanager"
- nodePortValuesFile=monitoring/values-prom-nodeport.yaml
+ log_debug "Enabling NodePort access for Prometheus and Alertmanager"
+ nodePortValuesFile=monitoring/values-prom-nodeport.yaml
fi
if helm3ReleaseExists prometheus-operator $MON_NS; then
- promRelease=prometheus-operator
- promName=prometheus-operator
+ promRelease=prometheus-operator
+ promName=prometheus-operator
else
- promRelease=v4m-prometheus-operator
- promName=v4m
+ promRelease=v4m-prometheus-operator
+ promName=v4m
fi
log_verbose "User response file: [$PROM_OPER_USER_YAML]"
log_info "Deploying the kube-prometheus stack. This may take a few minutes ..."
if helm3ReleaseExists $promRelease $MON_NS; then
- log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
+ log_verbose "Upgrading via Helm ($(date) - timeout 20m)"
else
- grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
- if [ "$grafanaPwd" == "" ]; then
- log_debug "Generating random Grafana admin password"
- showPass="true"
- grafanaPwd="$(randomPassword)"
- fi
- log_verbose "Installing via Helm ($(date) - timeout 20m)"
+ grafanaPwd="$GRAFANA_ADMIN_PASSWORD"
+ if [ "$grafanaPwd" == "" ]; then
+ log_debug "Generating random Grafana admin password"
+ showPass="true"
+ grafanaPwd="$(randomPassword)"
+ fi
+ log_verbose "Installing via Helm ($(date) - timeout 20m)"
fi
# See https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-21x-to-22x
-if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ "$V4M_CURRENT_VERSION_MINOR" =~ [0-5] ]]; then
- kubectl delete -n $MON_NS --ignore-not-found \
- deployments.apps \
- -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
+if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ $V4M_CURRENT_VERSION_MINOR =~ [0-5] ]]; then
+ kubectl delete -n $MON_NS --ignore-not-found \
+ deployments.apps \
+ -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics
fi
TRACING_ENABLE="${TRACING_ENABLE:-false}"
if [ "$TRACING_ENABLE" == "false" ]; then
- tempoDSFile=$TMP_DIR/empty.yaml
+ tempoDSFile=$TMP_DIR/empty.yaml
else
- TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
- if [ ! -f "$TEMPO_USER_YAML" ]; then
- log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
- TEMPO_USER_YAML=$TMP_DIR/empty.yaml
- fi
- tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
-fi
+ TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}"
+ if [ ! -f "$TEMPO_USER_YAML" ]; then
+ log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml"
+ TEMPO_USER_YAML=$TMP_DIR/empty.yaml
+ fi
+ tempoDSFile="monitoring/grafana-datasource-tempo.yaml"
+fi
# Get Helm Chart Name
log_debug "Kube-Prometheus Stack Helm Chart: repo [$KUBE_PROM_STACK_CHART_REPO] name [$KUBE_PROM_STACK_CHART_NAME] version [$KUBE_PROM_STACK_CHART_VERSION]"
chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)"
-versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
+versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)"
log_debug "Installing Helm chart from artifact [$chart2install]"
helm $helmDebug upgrade --install $promRelease \
- --namespace $MON_NS \
- -f $imageKeysFile \
- -f monitoring/values-prom-operator.yaml \
- -f $istioValuesFile \
- -f $tlsValuesFile \
- -f $nodePortValuesFile \
- -f $wnpValuesFile \
- -f $PROM_OPER_USER_YAML \
- -f $tempoDSFile \
- --atomic \
- --timeout 20m \
- --set nameOverride=$promName \
- --set fullnameOverride=$promName \
- --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
- --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
- --set grafana.fullnameOverride=$promName-grafana \
- --set grafana.adminPassword="$grafanaPwd" \
- --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
- --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
- $versionstring \
- $chart2install
+ --namespace $MON_NS \
+ -f $imageKeysFile \
+ -f monitoring/values-prom-operator.yaml \
+ -f $istioValuesFile \
+ -f $tlsValuesFile \
+ -f $nodePortValuesFile \
+ -f $wnpValuesFile \
+ -f $PROM_OPER_USER_YAML \
+ -f $tempoDSFile \
+ --atomic \
+ --timeout 20m \
+ --set nameOverride=$promName \
+ --set fullnameOverride=$promName \
+ --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \
+ --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \
+ --set grafana.fullnameOverride=$promName-grafana \
+ --set grafana.adminPassword="$grafanaPwd" \
+ --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \
+ --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \
+ $versionstring \
+ $chart2install
sleep 2
#Container Security: Disable serviceAccount Token Automounting
disable_sa_token_automount $MON_NS v4m-grafana
-disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
+disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus
disable_sa_token_automount $MON_NS v4m-node-exporter
disable_sa_token_automount $MON_NS v4m-alertmanager
@@ -244,42 +243,42 @@
log_verbose "Deploying cluster ServiceMonitors"
if [ "$TRACING_ENABLE" == "true" ]; then
- log_info "Tracing enabled..."
+ log_info "Tracing enabled..."
- #Generate yaml file with all container-related keys
- generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
+ #Generate yaml file with all container-related keys
+ generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template"
- # Add the grafana helm chart repo
- helmRepoAdd grafana https://grafana.github.io/helm-charts
- helm repo update
+ # Add the grafana helm chart repo
+ helmRepoAdd grafana https://grafana.github.io/helm-charts
+ helm repo update
- # Get Helm Chart Name
- log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
- chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
- versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
- log_debug "Installing Helm chart from artifact [$chart2install]"
+ # Get Helm Chart Name
+ log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]"
+ chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)"
+ versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)"
+ log_debug "Installing Helm chart from artifact [$chart2install]"
- log_info "Installing tempo"
- helm upgrade --install v4m-tempo \
- -n "$MON_NS" \
- -f $imageKeysFile \
- -f monitoring/values-tempo.yaml \
- -f "$TEMPO_USER_YAML" \
- $versionstring \
- $chart2install
+ log_info "Installing tempo"
+ helm upgrade --install v4m-tempo \
+ -n "$MON_NS" \
+ -f $imageKeysFile \
+ -f monitoring/values-tempo.yaml \
+ -f "$TEMPO_USER_YAML" \
+ $versionstring \
+ $chart2install
fi
# NGINX
set +e
kubectl get ns $NGINX_NS 2>/dev/null
if [ $? == 0 ]; then
- nginxFound=true
+ nginxFound=true
fi
set -e
if [ "$nginxFound" == "true" ]; then
- log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
- kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
+ log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace"
+ kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null
fi
# Eventrouter ServiceMonitor
@@ -295,25 +294,25 @@
# Rules
log_verbose "Adding Prometheus recording rules"
for f in monitoring/rules/viya/rules-*.yaml; do
- kubectl apply -n $MON_NS -f $f
+ kubectl apply -n $MON_NS -f $f
done
# Elasticsearch Datasource for Grafana
LOGGING_DATASOURCE="${LOGGING_DATASOURCE:-false}"
if [ "$LOGGING_DATASOURCE" == "true" ]; then
- set +e
- log_debug "Creating the logging data source using the create_logging_datasource script"
- monitoring/bin/create_logging_datasource.sh
+ set +e
+ log_debug "Creating the logging data source using the create_logging_datasource script"
+ monitoring/bin/create_logging_datasource.sh
- if (( $? == 1 )); then
- log_warn "Unable to configure the logging data source at this time."
- log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
- log_warn "monitoring/bin/create_logging_datasource.sh"
- fi
- set -e
+ if (($? == 1)); then
+ log_warn "Unable to configure the logging data source at this time."
+ log_warn "Please address the errors and re-run the follow command to create the data source at a later time:"
+ log_warn "monitoring/bin/create_logging_datasource.sh"
+ fi
+ set -e
else
- log_debug "LOGGING_DATASOURCE not set"
- log_debug "Skipping creation of logging data source for Grafana"
+ log_debug "LOGGING_DATASOURCE not set"
+ log_debug "Skipping creation of logging data source for Grafana"
fi
echo ""
@@ -324,32 +323,32 @@
get_ingress_ports
# get URLs for Grafana, Prometheus and AlertManager
-gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
+gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE")
# pr_url=$(get_url $MON_NS v4m-prometheus "$TLS_ENABLE")
# am_url=$(get_url $MON_NS v4m-alertmanager "$TLS_ENABLE")
set -e
# If a deployment with the old name exists, remove it first
if helm3ReleaseExists v4m $MON_NS; then
- log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
- helm uninstall -n "$MON_NS" "v4m"
+ log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace"
+ helm uninstall -n "$MON_NS" "v4m"
fi
if ! deployV4MInfo "$MON_NS" "v4m-metrics"; then
- log_warn "Unable to update SAS Viya Monitoring Helm chart release"
+ log_warn "Unable to update SAS Viya Monitoring Helm chart release"
fi
# Print URL to access web apps
log_notice ""
log_notice "GRAFANA: "
if [ ! -z "$gf_url" ]; then
- log_notice " $gf_url"
+ log_notice " $gf_url"
else
- log_notice " It was not possible to determine the URL needed to access Grafana. Note "
- log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
- log_notice " ingress or network access configuration that this script does not handle."
+ log_notice " It was not possible to determine the URL needed to access Grafana. Note "
+ log_notice " that this is not necessarily a sign of a problem; it may only reflect an "
+ log_notice " ingress or network access configuration that this script does not handle."
fi
- log_notice ""
+log_notice ""
#log_notice ""
#log_notice "================================================================================"
@@ -372,14 +371,12 @@
#log_notice ""
if [ "$showPass" == "true" ]; then
- # Find the grafana pod
-
- log_notice " Generated Grafana admin password is: $grafanaPwd"
- log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
- log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
+ # Find the grafana pod
+
+ log_notice " Generated Grafana admin password is: $grafanaPwd"
+ log_notice " To change the password, run the following script (replace myNewPassword with an updated password):"
+ log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword"
fi
log_message ""
log_notice " Successfully deployed components to the [$MON_NS] namespace"
-
-
----------
You can reformat the above files to meet shfmt's requirements by typing:
shfmt -s -w filename
Abandoning this change due to unexpected problems when ingress is not defined.